“For the first time in human history, it is near impossible to be unobserved,” –General Mark A. Milley (cited in Jones & McCaslin, 2020, p.45).
Advances in digital technology throughout the past several decades have provided counterintelligence (CI) services with unprecedented capabilities, completely altering the practice of CI. The digital revolution beginning in the latter half of the twentieth century and continuing into the present day, has resulted in a massive proliferation of digital technologies, which have become integrated into nearly every aspect of our daily lives. The number of devices with an internet connection, collectively referred to as the Internet of things (IoT), has grown exponentially. The development of technologies such as 5G, DNA testing, biometrics, and advertising technology (AdTech) has facilitated the practice of CI. These technologies provide CI services with novel surveillance technologies and swathes of personal data ripe for collection and analysis, allowing them to systemically monitor entire populations.
This essay argues that CI services have exploited recent technological developments to conduct surveillance on a massive scale, resulting in CI becoming a norm in our everyday lives. Intelligence agencies worldwide have taken advantage of these technological advancements to develop stronger CI capabilities. China, however, is taken as the focus of this essay because it is a global leader in surveillance technology thanks to a mutually beneficial relationship in which private Chinese telecommunications enterprises receive massive subsidies to produce CI-enabling technologies (Jones & McCaslin, 2020, p.26-27). The essay first describes recent technological developments and how they facilitate CI before discussing how the intimate relationship between the Chinese private sector and the state and its intelligence apparatus supports the development and deployment of CI-enabling technologies, thereby strengthening Chinese CI capabilities. Finally, the essay addresses the implications of China’s
technologically turbocharged CI for foreign intelligence services operating outside of China. Before discussing recent technological developments exploited by CI services, however, two key terms must be defined. While CI encompasses both the actions a state takes to protect against foreign penetrations of its intelligence services (defensive CI) and activities to undermine foreign intelligence capabilities (offensive CI), this essay focuses primarily on offensive CI (Van Cleave, 2013, p.58). “China” and “Beijing”, as used throughout the essay, refer to the Chinese party-state, not the Chinese people or society.
The twenty-first century has witnessed a proliferation of technologies facilitating CI. As these technologies become cheaper and more widely used, CI services have gained access to powerful surveillance technologies and swathes of data illuminating individuals’ behaviors and thoughts (Jones & McCaslin, 2020, p.18,21). The technological advancement is perhaps most salient to analyzing how digital developments have enabled more extensive CI is the fifth-generation mobile network (5G) (ibid., p.10). 5G connects “virtually everyone and everything together, including machines, objects, and devices” (Qualcomm, n.d.). 5G technology has reduced the time required for data to travel from its source to its destination and back, or its latency, by ten-fold. It has resulted in the number of connections per square kilometer increasing one thousand-fold over its 4G predecessor (Jones & McCaslin, 2020, p.11-12). 5G advancements have substantially altered our digital lives and provided CI practitioners with a suite of new technologies providing previously unimaginable surveillance capabilities. 5G has and will expand the IoT, accelerate the speed at which data is exchanged and analyzed, and increase the number of digital connections, all CI-enabling trends. The number of IoT devices, which includes smartphones and watches, smart home appliances, autonomous vehicles, biometric monitors, and more, was projected to reach 3.5 billion in 2023, a dramatic increase from 700 million in 2017 (ibid., p.10-11).
All of these devices are vulnerable to becoming monitored by CI (ibid., p.37). While technical surveillance has existed for decades, recent developments like 5G have resulted in surveillance technologies becoming more ubiquitous. CI services are now capable of monitoring individuals’ geolocation, biometrics, device metadata, and other personal data (Feldstein, 2019, p.10). Advancements in biometric technology allow CI services to quickly monitor and identify potential hostile targets. Facial recognition cameras can scan facial features to create a detailed biometric profile of an individual without their consent (ibid., p.18). Developments in drone technology allow for facial recognition cameras to be mounted on drones and deployed by CI services to conduct surveillance. Unlike a human CI officer, who is limited by a finite attention span and requires rest, drones and facial recognition cameras can feed CI practitioners information 24/7 (ibid, p.10,13). Similarly, as commercial DNA test kits allow an individual to gain insights into congenital health issues or his/her ancestry proliferate, DNA databases have grown in size. They are a prime target for CI services seeking to exploit biometric data (McLaughlin & Dorfman, 2019).
Meanwhile, advancements made in AdTech have provided businesses with a wealth of data profiling individuals’ routines, preferences, and locations. While AdTEch was developed in the private sector to target consumers more accurately, it has likely fallen into the hands of CI services. AdTech allows CI practitioners to monitor an individual’s preferences, behavior, and location (Jones & McCaslin, 2020, p.22). While AdTech data is typically anonymized, tools like first and third-party tracking, cookies, and device-matching technology allow CI services to breach these protective measures (ibid., p.21-22). Taken together, developments in 5G, biometrics, and AdTech have provided CI services with unprecedentedly strong monitoring and surveillance capabilities, resulting in CI becoming a norm in our daily lives. Selecting China as a case study, the following two paragraphs will discuss how states and their intelligence services can facilitate the development of CI-enabling technologies and covertly deploy them to strengthen the breadth and strength of their CI services.
China is a global leader in surveillance technology (Jones & McCaslin, 2020, p.26). The Chinese telecommunications sector has enjoyed a strong level of support from the government, providing it a comparative advantage over its Western competitors. Chinese civil-military fusion (军民融合), which encompasses civil-intelligence fusion, demonstrates how a government can support technological development to obtain stronger CI capabilities (U.S. Department of State, 2020). To become a global leader in technology, China began heavily subsidizing domestic technology companies during the 1990s (Lee, 2018, p.2-4). Chinese subsidies for domestic technological companies greatly exceed those given by Western governments to their respective technological sectors. From 2013-2018, for instance, the value of Chinese state grants to Huawei, the largest telecommunications company in the world, was valued at seventeen times greater than those given to Swedish rival Ericcson by the Swedish government, while Finnish telecommunications company Nokia received no state subsidies (Jones & McCaslin, 2020, p.29). The value of state subsidies for Huawei suggests that China and the company enjoy an intimate relationship in which Huawei receives funding in return for allowing Chinese intelligence services to exploit its technology to conduct widespread monitoring and surveillance (Ford, 2019). Indeed, a 2019 Sunday Times article reported that the CIA uncovered evidence showing that Huawei had received funding from the People’s Liberation Army and Chinese intelligence services. State funding for Chinese telecommunications companies encourages them to develop CI-enabling technologies; Chinese law also demands that private entities cooperate with Chinese intelligence services.
The National Intelligence Law of the People’s Republic of China (国家情报发) passed in 2017 stipulates that private entities must cooperate with Chinese intelligence and that the state rewards private individuals or entities supporting intelligence activities (中国人大网, 2018). The law drew international criticism for providing Chinese intelligence agencies extensive powers for the requisition of communications or transportation equipment, entry into restricted facilities, and warrant-free investigations. The National Intelligence Law was passed alongside a suite of related laws that expanded legal justifications for the state’s security activities and demanded cooperation from Chinese and foreign citizens in both offensive and defensive intelligence operations (Tanner, 2017). Viewed as a whole, these laws demonstrate that Chinese intelligence services and telecommunications companies enjoy an intimate relationship, lending strength to the argument that telecommunications companies such as Huawei operate in coordination with Chinese intelligence to the extent that they cannot be conceptualized as wholly private entities. These companies do not operate solely to generate profit but also to serve Beijing’s domestic and foreign policy agendas (Ford, 2019).
While China rejects allegations that Huawei technology threatens any state’s national security as “groundless and misleading,” British signals intelligence agency GCHQ admitted allowing Huawei to operate in the UK would present significant risks to British national security (Fisher, 2019). Further demonstrating the close relationship between Chinese private sector telecommunications companies and the Chinese state is the development of “dual-use technology,” or technologies that serve both military/intelligence and civilian purposes (Lampert, 2020). Huawei’s “iFlytek Voiceprint Management Platform,” for instance, can determine an individual’s identity by comparing it to a large database of recorded voices. Huawei technology also provides Chinese security services with facial recognition capabilities and the ability to track a device’s location by intercepting its MAC address over WiFi (Dou, 2021). Huawei also developed “One Person One File” software which compiles data collected through technical surveillance and uses artificial intelligence to classify it and create a profile of an individual’s behavior, relationships, and even emotions (Healy & Rollet, 2021). While these technologies are often first deployed domestically to regions problematic for Beijing, such as Xinjiang, China also deploys them throughout the world, posing serious threats to foreign intelligence services and their agents operating abroad. The next section of this essay will describe how China has exported CI-enabling technologies around the world, allowing Beijing to conduct mass surveillance internationally.
Spreading dual-use technologies worldwide allows Beijing to extend the reach of its surveillance regime internationally (Ford, 2019). China capitalizes on opportunities presented by the Belt and Road Initiative (BRI)–a one-trillion-dollar global connectivity project promoting infrastructure, energy, finance, and trade ties with China–to export dual-use technologies worldwide (Layton, 2020, p.875.) The Chinese-Pakistan Economic Corridor (CPEC), worth $63 billion and considered the BRI’s flagship project, for instance, is threatened by Pakistan’s chronic civil and societal unrest (ibid, p.881). In response, China has provided Pakistan with a suite of surveillance technologies to allow the latter to conduct widespread monitoring of its citizens to allow Pakistan to more ably handle domestic unrest. China outfitted Lahore with Huawei’s “Safe City” platform consisting of 8,000 facial recognition cameras, 5G wireless, automated vehicle license plate recognition, and other surveillance technologies. The information collected by these surveillance platforms is compiled into a “Safe City Integrated Command and Communication Center” database, where it is analyzed to uncover patterns, trends, and relationships to identify individuals of interest and even predict their behavior (ibid., p.880-881). Huawei’s Safe City technology allows Pakistan and China to conduct CI on a massive scale, rendering CI an aspect of Pakistanis’ everyday lives (Jones & McCaslin, 2020, p.36). Like Pakistan, Africa is another major destination for BRI aid and investment and is a large recipient of Chinese surveillance technology.
In 2018, for instance, Chinese startup CloudWalk signed a deal with Zimbabwe to create a nationwide facial recognition program by deploying its cameras in Zimbabwean airports, railways, and bus stations (Layton, 2020, p.882). The purpose of the project was nominally to create a database of all Zimbabwean voters’ faces to make elections more secure and trustworthy and for law enforcement and security purposes more broadly (ibid. p.882) (Nash, 2022). Some, however, questioned whether the database was adequately secured and whether data could be used for malign purposes such as CI (Nash, 2022). Since entering Zimbabwe, China has expanded its digital presence in Africa, investing $8.43 billion in the continent through the Digital Silk Road, which exists in part to facilitate the proliferation of Chinese surveillance technology abroad (Woodhams, 2020, p.160) (Chaudhury, 2021). In late 2020, there existed twelve Huawei Safe City initiatives in sub-Saharan Africa alone (Woodhams, 2020, p.160). In addition to exporting Chinese surveillance technologies to BRI signatories, China has also deployed these technologies to Western countries. In 2011, Chinese telecommunications company ZTE entered into a partnership with the French city of Marseille to work on a project called the “Big Data of Public Tranquility.” As part of the project, ZTE deployed two thousand surveillance cameras and established a control operation center fueled by artificial intelligence capable of sound and visual recognition (Artigas, 2019, p.37).
As the first “safe city” in Europe, Marseille’s Big Data of Public Tranquility project was a major milestone for China as it seeks to extend the reach of its global surveillance regime into the West (ibid., p.37). Chinese telecommunications companies made further inroads into France in 2017 when Huawei gifted its “safe city” technology to the northeastern city of Valenciennes. Huawei’s donation consisted of 240 facial recognition cameras and an intelligent command center capable of detecting suspicious movements and crowds (Feldstein, 2019, p.11). The goal of the projects in Marseille and Valenciennes was nominally to reduce crime through widespread public surveillance, but the ties between Chinese telecommunications companies and the state’s intelligence apparatus mean that French and other intelligence services of interest to Chinese CI must assume that their activities are monitored in any country that uses Chinese telecommunications technology (ibid.), (Jones & McCaslin, 2020, p.36). Recognizing the strength and omnipresence of Chinese surveillance technology throughout the world, foreign intelligence services have had to seriously adjust their practices to avoid falling prey to Chinese CI. The next section of this essay will discuss how the embeddedness of Chinese surveillance technology worldwide has strengthened China’s CI capabilities and forced Western intelligence agencies to reevaluate their respective modus operandi.
Thanks to its technological superiority, China is regarded throughout the West as the most formidable CI threat (Zegart, 2022, p.147). Recognizing this, Western intelligence agencies have had to adjust their practices to avoid falling prey to Chinese CI. The international presence of Chinese surveillance technology allows China’s CI services to closely monitor entire populations and has made conducting human intelligence (HUMINT) operations more difficult than ever before. China’s surveillance capabilities allow Chinese CI to reveal the genuine identity and intentions of an intelligence officer or his or her agent almost as soon as he or she enters a foreign state that uses Chinese telecommunications equipment. Take, for instance, an intelligence officer entering a foreign nation that has received Chinese surveillance technologies like the “Safe City” platform. When clearing customs, the officer’s biometric data is collected by facial recognition cameras and fingerprint scans and is uploaded to a database to which both indigenous and Chinese CI services have access.
Next, when the officer rents a car, his or her driver’s license and the vehicle’s license plate are uploaded to the database. When the officer checks into his or her hotel and uses personal devices connected to a 5G cellular network provided by a Chinese telecommunications company, their device’s signatures are collected and added to the database. After the officer’s mission is complete and he or she pays for accommodation using a credit card linked to a U.S. government account, the officer goes to the airport mistakenly believing that his or her activities went undetected. To the officer’s surprise, he or she is detained at customs after his or her passport triggers a security warning. While not detained by Chinese CI, Beijing’s CI services almost certainly have access to the data collected by the Safe City platform and, therefore, also the behavior and identity of this intelligence officer whose cover is now blown and thus inoperable (Jones & McCaslin, 2020, p.48-51).
Recognizing the threat posed to American intelligence services by Chinese CI-enabling technologies, the U.S. has begun to take a different approach to conducting HUMINT operations. More operations are now carried out under non-official cover (NOC). The officer-involved works without official ties to the government as CI-enabling technologies easily expose official covers. According to a 2019 comment by a former official in the CIA’s Directorate of Operations, fewer than ten percent of officers in the Directorate operate under aliases (McClaughlin & Dorfman 2019). By the mid-2010s, the CIA concluded that evading CI required hiding in plain sight. The agency increasingly used of NOCs, recruiting individuals in their private sector roles and deploying them to operate under their actual names due to the infeasibility of maintaining an alias in a country with Chinese surveillance technology (ibid.), (Jones & McCaslin, 2020, p.36). The agency secretly transfers some NOCs, often white-collar professionals, onto its payroll and covertly trains them occasionally far from any publicly-known CIA grounds. American intelligence agencies have also begun collaborating with commercial DNA/ancestral databases to alter entries that contain personally identifying information of its employees or agents (McClaughlin & Dorfman, 2019). These measures, however, are not a panacea to the threat posed by technical surveillance. According to NSA former Director of Research Eric Haseltine, in light of recent technological developments, the U.S. intelligence community is not capable of protecting identities anymore. “Our officers overseas are known,” he said (ibid.).
The development and proliferation of CI-enabling technologies have resulted in CI becoming a norm in our everyday lives. This essay discussed how new technologies such as 5G, biometrics, DNA testing, and AdTech had provided CI practitioners with unprecedented monitoring and surveillance capabilities. It focused on how China has formed an intimate relationship with domestic telecommunications companies to facilitate the development of CI-enabling technologies before describing how Beijing has exported its surveillance technology internationally and used it to monitor foreign populations. Finally, it discussed how this trend has upended how American intelligence agencies practice HUMINT to demonstrate growing recognition of the threat posed by Chinese surveillance and monitoring within the West. While China was taken as the focus of this essay, intelligence agencies worldwide exploit technological developments to conduct more thorough and penetrating CI, signaling that we have arrived in an era in which surveillance and monitoring are norms in our everyday lives.
About the Author
Matthew Egger is a rising fourth-year undergraduate student at Durham University. He studies International Relations and Chinese Language and interns at the School of Government and International Affairs. He can be found on Twitter @EggerMatthew
The views and opinions expressed in this paper are the author’s and not necessarily those of the Lobo Institute. For more information on the institute or to get on the mailing list for our papers and LoboCasts, please go to Lobo Institute.
Artigas, A. (2019) “Beneath the surface of the Safe City: surveillance in the times of Chinese supremacy?,” Sciences Po Cities and Digital Technologies Chair Working Paper. Available at: https://www.sciencespo.fr/ecole-urbaine/sites/sciencespo.fr.ecole-urbaine/files/2019_01%20-%20Artigas_0.pdf.
Chaudhury, D. (2021) “China reportedly investing $8.43 bn in Africa as part of Digital Silk Road initiative,” The Economic Times, 15 October. Available at: https://economictimes.indiatimes.com/news/international/world-news/china-reportedly-investing-8-43-bn-in-africa-as-part-of-digital-silk-road-initiative/articleshow/87039334.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst.
Dou, E. (2021) “Documents link Huawei to China’s surveillance programs,” Washington Post, 14 December. Available at: https://www.washingtonpost.com/world/2021/12/14/huawei-surveillance-china/.
Feldstein, S. (2019) “The Global Expansion of AI Surveillance,” Carnegie Endowment Working Paper. Available at: https://carnegieendowment.org/files/WP-Feldstein-AISurveillance_final1.pdf.
Fisher, L. (2019). “CIA warning over Huawei,” Sunday Times, 20 April. Available at: https://www.thetimes.co.uk/article/cia-warning-over-huawei-rz6xc8kzk.
Ford, C. (2019) “Huawei and Its Siblings, the Chinese Tech Giants: National Security and Foreign Policy Implications,” U.S. Department of State. Available at: https://2017-2021.state.gov/huawei-and-its-siblings-the-chinese-tech-giants-national-security-and-foreign-policy-implications/index.html
Healy, C. & Rollet C. (2021) “BBC Panorama Documentary on AI Features IPVM,” IPVM, 28 May. Available at: https://ipvm.com/reports/ipvm-appears-in-bbc-documentary.
Jones, M & McCaslin, E. (2020) “Special Operations in a 5G World: Can We Still Hide in the Shadows?,” Masters of Science thesis, U.S. Naval Postgraduate School, Monterrey, California.
Lampert, K. (2020) “Dual-use surveillance tech: How trade agreements can incentivise good behaviour,” about: Intel-European Voices on Surveillance. Available at: https://aboutintel.eu/eu-export-controls-trade-incentives/#:~:text=Dual%2Duse%20refers%20to%20goods,risk%20of%20being%20mis%2Dused.
Layton, P. (2020) “Artificial intelligence, big data and autonomous systems along the belt and road: towards private security companies with Chinese characteristics?” Small Wars & Insurgencies, 31(4), p.874-897.
Lee, K. (2018) AI Superpowers: China, Silicon Valley, and the New World Order. Boston, MA: Houghton Mifflin Harcourt.
McClaughlin, J. & Dorfman, Z. (2019) “‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age,” Yahoo! News, 30 December. Available at: /shattered-inside-the-secret-battle-to-save-americas-undercover-spies-in-the-digital-age-100029026.html#:~:text=Yahoo%20News-,’Shattered’%3A%20Inside%20the%20secret%20battle%20to%20save%20America’s,spies%20in%20the%20digital%20age&text=Over%20the%20next%20six%20months,civil%20servants%2C%20including%20intelligence%20officials.
Nash, J. (2022) “CloudWalk has Zimbabwean’s face biometrics, but trust in voter roll still lacking,” Biometricupdate.com, 14 June. Available at: https://www.biometricupdate.com/202206/cloudwalk-has-zimbabweans-face-biometrics-but-trust-in-voter-roll-still-lacking.
Qualcomm (n.d.) “Everything you need to know about 5G.” Available at: https://www.qualcomm.com/5g/what-is-5g.
Tanner, M. (2017) “Beijing’s New National Intelligence Law: From Defense to Offense,” Lawfare, 20 July 2017. Available at: https://www.lawfareblog.com/beijings-new-national-intelligence-law-defense-offense.
U.S. Department of State (2020) “Military-Civil Fusion and the People’s Republic of China,” Department of State One Pager. Available at: https://www.state.gov/wp-content/uploads/2020/05/What-is-MCF-One-Pager.pdf.
Van Cleave, M. (2013) “What is Counterintelligence? A Guide to Thinking and Teaching about CI,” Journal of U.S. Intelligence Studies, 20(2), p. 57-65.
Woodhams, S. (2020). “China, Africa, and the Private Surveillance Industry,” Georgetown Journal of International Affairs, vol.21, p.158-165.
Zegart, A. (2022) Spies, Lies, and Algorithms: The History and Future of American Intelligence. Princeton, NJ: Princeton University Press.
中国人大网 (2018) “中华人民共和国国家情报法,” 全国人民代表大会.” Available at: http://www.npc.gov.cn/npc/c30834/201806/483221713dac4f31bda7f9d951108912.shtml.